On Wed, 2014-10-08 at 12:36 +0200, Berend De Schouwer wrote:
> I can confirm good behaviour with this patch, bad behaviour with
> 0.7.16.
Thanks. Note that 0.7.16 contains a known security issue
(CVE-2013-0288). I'm not sure the PAM return code issue will be fixed in
0.7 because it will only receive fixes for major bugs.
If you are compiling from source I strongly recommend at least 0.8.14
because it contains a number of improvements in this area (as mentioned
the issue you reported is fixed in 0.8.3). The 0.9.4 release is also
quite stable at this point.
> My "unit tests" to test this condition were getting confused because:
> "not retrying server ldap://127.0.0.1:9009/ which failed just 1
> second(s) ago and has been failing for 12 seconds"
>
> It's been a bit problematic writing repeatable tests for nslcd
> up/down, ldap up/down, password in cache up/down, password good/bad...
> Fun with timing :)
Testing is indeed quite hard and the automated tests I have now are
mostly for the happy flow (and a few limited tests for the timeout
handling).
--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

This archive was generated using
mhonarc
on Mon Jun 01 04:04:32 2020.
If you have any questions about these pages, please contact
listmaster [at]
arthurdejong.org.
Please see the mailing list policy and disclaimer.